Analysis
-
max time kernel
99s -
max time network
614s -
platform
android_x64 -
resource
android-33-x64-arm64-20240624-en -
resource tags
androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system -
submitted
18/09/2024, 12:28
Behavioral task
behavioral1
Sample
Tasker.ver.6.3.13.build.5395.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral2
Sample
Tasker.ver.6.3.13.build.5395.apk
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral3
Sample
Tasker.ver.6.3.13.build.5395.apk
Resource
android-33-x64-arm64-20240624-en
General
-
Target
Tasker.ver.6.3.13.build.5395.apk
-
Size
36.8MB
-
MD5
e44093c41d157e1e2c761d4a63b3515c
-
SHA1
3a38c12467834fc155c755090573bf67d205dbf5
-
SHA256
851f3f8ea378a611f5a7b1171717f3ea5660f7a27ad0d5c34ab2a0414fafbcf1
-
SHA512
4bc640be5addebb4ad1189f2efedb322328b4094c9d0565597b20a9f4642891014305d354cb385c5bf6acd1ba36eac0c997354ad25b51d4155e1e8164b69a1c7
-
SSDEEP
786432:Ie8y4HOQKcAm6qRrHPwCQ7X+j7P3AAUs7i2IRSPzOd8R8USMnU:IeCHJN1Po07PQALe2I4Pzs8RxSh
Malware Config
Signatures
-
Obtains sensitive information copied to the device clipboard 2 TTPs 1 IoCs
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
description ioc Process Framework service call android.content.IClipboard.addPrimaryClipChangedListener net.dinglisch.android.taskerm -
Acquires the wake lock 1 IoCs
description ioc Process Framework service call android.os.IPowerManager.acquireWakeLock net.dinglisch.android.taskerm -
Makes use of the framework's foreground persistence service 1 TTPs 1 IoCs
Application may abuse the framework's foreground service to continue running in the foreground.
description ioc Process Framework service call android.app.IActivityManager.setServiceForeground net.dinglisch.android.taskerm -
Uses Crypto APIs (Might try to encrypt user data) 1 TTPs 1 IoCs
description ioc Process Framework API call javax.crypto.Cipher.doFinal net.dinglisch.android.taskerm -
Checks CPU information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/cpuinfo net.dinglisch.android.taskerm -
Checks memory information 2 TTPs 1 IoCs
description ioc Process File opened for read /proc/meminfo net.dinglisch.android.taskerm
Processes
Network
MITRE ATT&CK Mobile v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
24B
MD5ab625baf459f9e866c5862f694b383b5
SHA1349722aa9b60663b5456f0c9fe2b2a278ff8ceea
SHA2561f4f76351d44da0d9010f3a00414eab5563738a1b6a93487c7a74d893707ed76
SHA512ab635fef34d146462af4a730c3eb1c39e89de41f39092bd0919b4b5fad7db9203575f7d5b697a599eecf0fb3123f7a827b4a73fb61a3304bcb7e2d029579515b
-
/data/data/net.dinglisch.android.taskerm/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat
Filesize8B
MD57d773964c2310e766504cf2b9f6090b5
SHA166e371a3caa93bed8ec6310a636c50ab20b7d624
SHA256316dacc8c4579a42f50de30af17a173edfeb6730ef3de52c696033366fd83725
SHA5129479df7444b435001436282357471559e7623113aff216749460bab6856e9a3688c8d428e02eb7043593136f1aa7440fd1fcd3e22c44fe6d075e592ba37f1134
-
Filesize
10KB
MD59a9fc6e35d585160df474c02df561c69
SHA15be7a71b6e72f32fde78f6bfcea3b8d40987f784
SHA256a3f82fc3126500cc9df6f7bc32f6a9b5387013a8e3effd233966b15476de9e5c
SHA51247a8d4e313c005133cd70b886aff03591b81f54dc111b2a0d5980f6099264f864cdefd04867a2f4f61c457d64f6be7976110183de55e78680f0d925eed94cbd9
-
Filesize
20KB
MD5792093081c75d22b1d584f46af56489b
SHA166a93253526d4845ce8b2bc7bcb074111b4f8445
SHA2569e750b6fc87c65c7d9402c1ea56f134bd2bba39d478159456a2563f3f2c750c1
SHA51208ef87627b73fbf89482154d97fb42993e945655f2180ac4bc38ee5567e958631b9c142a36aa14fafb7a09ba9288ab366e3a1fed5bb97ac31df75ae18d93f6ab